Top 10 Security Menaces for the Upcoming Year

The SANS Institute rounded up twelve security experts to compile a list of the cyber attacks most likely to result in a substantial amount of damage this year. As a result of this roundtable of industry vets, a report entitled Top Ten Cyber Security Menaces for 2008 was produced. Potential problems included in the list are the increasing effectiveness of botnets, emerging mobile phone and VoIP threats, advances in spyware, and even cyber espionage.

Topping out the list as the attack type sure to cause the most serious damage in 2008 are maliciously crafted Web sites that exploit vulnerabilities within your browser. According to the report, these attacks have "migrated from simple ones based on one or two exploits posted on a Web site to more sophisticated attacks based on scripts that cycle through multiple exploits to even more sophisticated attacks that increasingly utilize packaged modules that can effectively disguise their payloads." Although these tools are becoming stronger and tougher to detect, the most troubling aspect here actually lies in their placement. Now more than ever, attackers are finding ways to exploit code on some of the most trusted sites out there. This, according to the twelve experts, gives them a "huge advantage over the unwary public." Also included in the list are Web 2.0 vulnerabilities, which are destined to increase as this technology continues to evolve.

During these times of uncertainty, it is imperative that we each stay vigilant against such attacks. Staying current on the latest browser security happenings is a must. Internet Explorer and Firefox users should also arm themselves with the latest security tools available, because extra protection is always a plus.